EVA ICS can run on any Linux or UNIX-compatible system, but for the smooth
install we recommend Ubuntu or Debian.

Install system package libow-dev to let EVA ICS install owfs module.

To sync item status between the components in real time -
MQTT-server (e.g. mosquitto)

Warning

Installation scripts try to install all required Python modules
automatically, but some of them can have problems installing with pip -
install can fail or be slow. It’s better to install these modules manually,
before running EVA installation scripts. Currently the problems can be
expected on ARM systems with:

Instead of setting up dedicated MQTT server, you can use cloud-based service,
e.g. AWS IoT.

Note

Cloud IoT services provide restricted broker functionality and don’t
guarantee event/message ordering. This means some state messages between
controllers may be lost (discarded by controller core if newer message with
the same topic is already received).

SYSTEM_SITE_PACKAGES=1 virtual environment will use system site
packages if their versions match with requested.

SKIP here you can specify the packages (in quotes, space separated),
which should be skipped (e.g. pandas cryptography and install it with
apt-get install python3-pandas python3-cryptography instead). To let
venv use system package, SYSTEM_SITE_PACKAGES=1 should also be present.

If you want to run some components under restricted users, create var
and log folders in EVA installation dir and make sure the restricted
users have an access to these folders before running easy-setup. If
you’ve customized ini files in etc, make sure the restricted user has an
access to both <component>.ini and <component>_apikeys.ini.

If you want to make some initial customization, e.g. name the controllers
different from the host name, make changes in etc/uc.ini, etc/lm.ini
and etc/sfa.ini configs first.

For the interactive setup, run ./easy-setup in EVA folder and follow the
instructions.

For the automatic setup, run ./easy-setup -h in EVA folder and choose
the installation type.

Setup log rotation by placing etc/logrotate.d/eva-* files to
/etc/logrotate.d system folder. Correct the paths to EVA files if necessary.

cp ./etc/logrotate.d/eva-* /etc/logrotate.d/

Setup automatic launch at boot time by placing EVADIR/sbin/eva-control start
command into system startup e.g. either to /etc/rc.local on System V, or for
systems with systemd (all modern Linux distributions):

Watchdog process is started automatically for each EVA controller and tests it
with the specified interval. Controller should respond to API call test
within the specified API timeout or it is forcibly restarted.

Watchdog configuration is located in file etc/watchdog and has the following
params:

WATCHDOG_INTERVAL checking frequency (default: 30 sec)

WATCHDOG_MAX_TIMEOUT maximum API timeout (default: 5 sec)

WATCHDOG_DUMP if the controller is not responding, try to create crash
dump before restarting (default: no).

All system items including macros have their
own ids. Item id should be unique within one server in simplelayout. When using enterprise layout, it is possible
for items to have the same id in different groups, however full item id
(group/id) should be always unique within one controller.

Note

Before adding items, consider what kind of layout you
want to use: simple or enterprise

Starting from 3.2.0, default item layout is enterprise.

Item groups can coincide and often it is convenient to make them similar: for
example, if you set groups=security/# in API key config file, you will allow
the key to access all the items in the security group and its subgroups
regardless of whether it is macro, sensor or logic variable. To set access to
a group of particular items, use oids, e.g. groups=sensor:security/#.

This does not apply to decision rules and
macros: a unique id is generated for each rule
automatically, macro id should be always unique.

Note

The triple underline (___) is used by system and should not be used in
item IDs or groups.

Suppose NGINX operates on 8443 port with SSL, and
SCADA Final Aggregator - without SSL. Let’s make the task even more complicated: let
NGINX receive the request not directly, but via port forwarding from the router
listening on an external domain (i.e. port 35200).

Additionally, we want to authorize:

by IP address or

basic auth by username/password or

by cookie-token (required for EVA Android Client since it passes basic auth
only when the server is requested for the first time)

With such setup, SFA Framework-based interface doesn’t perform any
authentication, eva_sfa_start() function is called as soon as UI is loaded.
API method login called by framework function will automatically log in user
using basic authentication credentials provided to front-end server.